π§Ύ Plan of Action: MongoDB 8.0 - 3 Node Replica Set on Air-Gapped RHEL 8.9
π Overview
- Goal: Setup a MongoDB 8.0 replica set with 3 RHEL 8.9 air-gapped servers
- Nodes: 3 (Primary, Secondary, Secondary/Arbiter)
- No Internet access on servers
- RPMs and config provided from an internet-enabled Windows machine
π§± Architecture
Node | Hostname | Role |
---|---|---|
1 | mongo-node1 | Primary |
2 | mongo-node2 | Secondary |
3 | mongo-node3 | Secondary |
πΉ 1. Prerequisites on All RHEL Servers
- RHEL 8.9 installed
- Static IP or
/etc/hosts
updated for inter-node resolution - Ports open:
27017/tcp
- SELinux set to permissive or configured
- Firewall open:
sudo firewall-cmd --add-port=27017/tcp --permanent
sudo firewall-cmd --reload
πΉ 2. On Windows Machine (with Internet)
A. Download Required RPMs for MongoDB 8.0
- Visit: https://repo.mongodb.org/yum/redhat/8/mongodb-org/8.0/x86_64/RPMS/
-
Download:
- mongodb-org-8.0.0-1.el8.x86_64.rpm
- mongodb-org-server-8.0.0-1.el8.x86_64.rpm
- mongodb-org-shell-8.0.0-1.el8.x86_64.rpm
- mongodb-org-mongos-8.0.0-1.el8.x86_64.rpm
- mongodb-org-tools-8.0.0-1.el8.x86_64.rpm
Place RPMs in a folder:
mongodb8-rpms/
Zip the folder:
mongodb8-rpms.zip
πΉ 3. Transfer to All 3 RHEL Servers
- Use winSCP to move
mongodb8-rpms.zip
to each server. - On each node:
unzip mongodb8-rpms.zip -d mongodb8-rpms
cd mongodb8-rpms
sudo dnf install *.rpm
πΉ 4. Configure MongoDB on Each Node
Edit /etc/mongod.conf
:
net:
bindIp: 0.0.0.0
port: 27017
replication:
replSetName: rs0
Update /etc/hosts
:
<IP1> mongo-node1
<IP2> mongo-node2
<IP3> mongo-node3
πΉ 5. Start MongoDB on Each Node
sudo systemctl enable mongod
sudo systemctl start mongod
sudo systemctl status mongod
πΉ 6. Initiate Replica Set (on Primary Node)
mongosh
rs.initiate({
_id: "rs0",
members: [
{ _id: 0, host: "mongo-node1:27017" },
{ _id: 1, host: "mongo-node2:27017" },
{ _id: 2, host: "mongo-node3:27017" }
]
})
rs.status()
πΉ 7. (Optional) Enable Authentication
On primary node:
use admin
db.createUser({
user: "admin",
pwd: "securePassword",
roles: [ { role: "root", db: "admin" } ]
})
Edit /etc/mongod.conf
:
security:
authorization: enabled
Restart MongoDB:
sudo systemctl restart mongod
π Optional: Local Yum Repo
sudo dnf install createrepo -y
createrepo /tmp/mongodb8-rpms
sudo tee /etc/yum.repos.d/mongodb-local.repo <<EOF
[mongodb-local]
name=MongoDB 8 Local Repo
baseurl=file:///tmp/mongodb8-rpms
enabled=1
gpgcheck=0
EOF
β Final Checklist
Task | Check |
---|---|
Mongo running | systemctl status mongod |
Replica configured | rs.status() |
Authentication works | db.auth('admin', 'securePassword') |
Network open | telnet mongo-nodeX 27017 |
π MongoDB Cluster Cheat Sheet (Replica Set)
π§ Basic Cluster Setup Commands
βΆοΈ Initialize Replica Set (run on primary)
rs.initiate({
_id: "rs0",
members: [
{ _id: 0, host: "mongo-node1:27017" },
{ _id: 1, host: "mongo-node2:27017" },
{ _id: 2, host: "mongo-node3:27017" }
]
})
β Add Node
rs.add("mongo-node4:27017")
β Remove Node
rs.remove("mongo-node3:27017")
βοΈ Step Down Primary
rs.stepDown()
π Monitoring & Config
π§ Show Config
rs.conf()
π Status of Replica Set
rs.status()
β±οΈ Replication Lag Info (Secondary)
rs.printSlaveReplicationInfo()
π Authentication
π€ Create Admin User
use admin
db.createUser({
user: "admin",
pwd: "securePassword",
roles: [ { role: "root", db: "admin" } ]
})
π Enable Authentication in mongod.conf
security:
authorization: enabled
π‘ CRUD Commands (Data Ops)
π₯ Insert
use mydb
db.users.insertOne({ name: "Ragu", role: "admin" })
π€ Read
db.users.find()
db.users.findOne({ name: "Ragu" })
π Update
db.users.updateOne({ name: "Ragu" }, { $set: { role: "engineer" } })
ποΈ Delete
db.users.deleteOne({ name: "Ragu" })
βοΈ Connection Commands
βΆοΈ Local Shell
mongosh
βΆοΈ Remote Shell (no auth)
mongosh --host mongo-node1:27017
βΆοΈ Remote Shell (with auth)
mongosh "mongodb://admin:securePassword@mongo-node1:27017/?authSource=admin&replicaSet=rs0"
π File Paths
File | Location |
---|---|
Config | /etc/mongod.conf |
Logs | /var/log/mongodb/mongod.log |
Data | /var/lib/mongo |
π§ͺ Testing Tips
- Shut down primary:
sudo systemctl stop mongod
- Watch failover with:
rs.status()
- Restart with:
sudo systemctl start mongod
Top comments (0)